[Cryptography] Help with Raspberry Pi IoT initialization...
Ralf Senderek
crypto at senderek.ie
Fri Mar 11 02:18:20 EST 2016
On Thu, 10 Mar 2016, Peter Todd wrote:
> Note that the RPI firmware on all models is writable/updatable and as far as I
> can tell can't be put into read-only mode.
Lacking any flash memory, the Raspberry Pi's firmware is (AFAIK) stored on the
boot medium (SD card) but in a separate partition, so that the boot partition
is not affected by firmware changes. Even though everything on the Pi is writable
a verification code, started from the separate partition, could - in principle -
verify the boot partition's fingerprint, BUT there is absolutely no guarantee
that this code has not been tampered with. And, using the boot partition for
anything but reading destroys even this possibility.
[root at lap ~]# md5sum /dev/sdc1
72cf5108ad7d989081c8f9664fa46694 /dev/sdc1
[root at lap ~]# mount /dev/sdc1 /mnt
[root at lap ~]# umount /dev/sdc1
[root at lap ~]# md5sum /dev/sdc1
606911db0d7d6d3444c2876005dfe56f /dev/sdc1
So there's no way around an independent verification of the boot media, the Pi
cannot do it on its own.
-- ralf
More information about the cryptography
mailing list